CCNA 200-301 Networking Fundamentals Flashcards

Vocabulary-style flashcards covering the core concepts of the CCNA 200-301 curriculum, including network models, protocols, security, automation, and AI.

OSI Model

A seven-layered approach to data transmission that divides operations into specific related groups of actions at each layer.

TCP/IP Stack

A protocol stack consisting of multiple protocols including Transmission Control Protocol and Internet Protocol.

Application Layer

The OSI layer that provides network services to the applications of the user.

Presentation Layer

The OSI layer that ensures information sent at the application layer of one system is readable by the application layer of another system.

Session Layer

The OSI layer that establishes, manages, and terminates sessions between two communicating hosts.

Transport Layer

The OSI layer that defines services to segment, transfer, and reassemble data for individual communications, providing end-to-end error recovery and flow control.

Network Layer

The OSI layer providing connectivity and path selection between host systems on geographically separated networks through routing and Quality of Service.

Data Link Layer

The OSI layer defining how data is formatted for transmission, how access to physical media is controlled, and providing error detection.

Physical Layer

The OSI layer defining specifications for activating, maintaining, and deactivating the physical link and conveying the bitstream as electrical, light, or radio signals.

IOS (Internetworking Operating System)

The Cisco operating system used on the majority of Cisco enterprise-grade network devices.

Flash

The memory location where the IOS operating system image is typically stored.

NVRAM

Non-Volatile Random Access Memory where the startup configuration of a Cisco device is stored.

User EXEC Mode

The Cisco IOS command line mode indicated by the 'Router>' prompt, providing very limited read-only access (Level 1).

Privileged EXEC Mode

The Cisco IOS command line mode indicated by the 'Router#' prompt, offering complete control over the router (Level 15).

Global Configuration Mode

The Cisco IOS mode accessed via the 'configure terminal' command, indicated by 'Router(config)#'.

Flow Control

The process of adjusting data flow from sender to receiver to ensure the receiving host can handle the volume.

Session Multiplexing

The process by which a host supports multiple sessions simultaneously, managing individual traffic streams over a single link using source and destination ports.

TCP (Transmission Control Protocol)

A connection-oriented Layer 4 protocol that performs sequencing and reliable delivery where lost segments are resent.

UDP (User Datagram Protocol)

A connectionless, 'best effort' Layer 4 protocol that is not reliable and does not perform sequencing or flow control.

IPv4 Address

A $32$ bit long address used for Internet Protocol version 4.

Subnet Mask

A $32$ bit long value that defines the boundary between the network portion and the host portion of an IP address.

Broadcast Address

The destination address used to send traffic to all hosts in a subnet, represented by all '1's in the host portion.

IANA (Internet Assigned Numbers Authority)

The organization responsible for the global coordination of Internet IPv4 addressing.

Private Addresses (RFC 1918)

IP addresses valid for host assignment but not routable on the public internet, including the ranges $10.0.0.0$ to $10.255.255.255$, $172.16.0.0$ to $172.31.255.255$, and $192.168.0.0$ to $192.168.255.255$.

CIDR (Classless Inter-Domain Routing)

A system that replaced fixed network boundaries with a flexible prefix system allowing for subdivided or aggregated networks.

VLSM (Variable Length Subnet Masking)

A technique allowing subnets to be sized differently according to the number of hosts required.

MAC Address

A $48$ bit ($6$ byte) globally unique hardware identifier burned into ogni NIC port.

OUI (Organizationally Unique Identifier)

The first $24$ bits of a MAC address, assigned by the IEEE, which identifies the manufacturer.

Frame Check Sequence (FCS)

A cyclical redundancy check in the Ethernet frame used to check integrity and detect corruption during transit.

Unshielded Twisted Pair (UTP)

Common copper cabling used in Ethernet networks with a maximum length of $100\,m$.

Auto MDI-X

A feature on modern switches that automatically reconfigures receive and transmit signals to yield the expected result regardless of cable type.

Power over Ethernet (PoE)

A technology that delivers power to devices over standard network cables, eliminating the need for separate power supplies.

Half-duplex

A duplex mode where hosts can either send or receive data, but not both simultaneously, often associated with Hubs.

Full-duplex

A duplex mode where hosts can send and receive data at the same time using separate receive and transmit wires.

CSMA/CD

Carrier-Sense Multiple Access with Collision Detection; the method used for detecting and recovering from collisions in network segments.

DNS (Domain Name System)

A system that resolves a Fully Qualified Domain Name (FQDN) to an IP address, typically using UDP port $53$.

ARP (Address Resolution Protocol)

A protocol used to map a known IP address to a MAC address using Request and Reply message types.

ICMP (Internet Control Message Protocol)

The protocol used by Ping to verify two-way connectivity between network devices.

Traceroute

A command that traces the path to a destination hop-by-hop by sending packets with increasing Time to Live (TTL) values.

SVI (Switched Virtual Interface)

A virtual interface on a switch, such as VLAN 1, used for management IP addresses or Layer 3 routing.

CDP (Cisco Discovery Protocol)

A Cisco proprietary Layer 2 protocol used to share information with directly connected Cisco equipment.

LLDP (Link Layer Discovery Protocol)

An open-standard neighbor discovery protocol similar to CDP.

Dual Stack

An IPv6 transition strategy where a network interface has both an IPv4 and an IPv6 address at the same time.

EUI-64

A method to generate a $64$ bit host portion for an IPv6 address by injecting $FF:FE$ into the middle of a MAC address and inverting the $7\text{th}$ bit.

Neighbor Discovery Protocol

The IPv6 equivalent of ARP, using Soldier-Node multicast and ICMPv6 Solicitation and Advertisement messages.

VPN (Virtual Private Network)

A technology providing a virtual tunnel between private networks across a shared public network.

DMVPN (Dynamic Multipoint VPN)

A Cisco proprietary site-to-site VPN option that provides scalable hub-and-spoke configuration with direct full mesh connectivity.

MPLS (Multi Protocol Label Switching)

A WAN connectivity option using a shared core infrastructure with PE and P routers to provide Layer 2 or Layer 3 VPN services.

DWDM (Dense Wavelength Division Multiplexing)

A technology that multiplexes multiple optical signals into one signal over a single fiber strand.

Firewall

A security device that blocks or permits traffic based on rules; include stateful types that track connection states and Next Generation types with application-level inspection.

Symmetric Encryption

An encryption method where the same shared key is used to both encrypt and decrypt data (e.g., DES, AES).

Asymmetric Encryption

Encryption using public and private key pairs where data encrypted with one can only be decrypted by the other (e.g., RSA, ECDSA).

Traffic Shaping

A QoS mechanism that buffers excess traffic to stay within a desired rate limit.

Traffic Policing

A QoS mechanism that drops or re-marks excess traffic to enforce a specified rate limit.

NBAR (Network Based Application Recognition)

A classification method that recognizes traffic based on its Layer 3 to Layer 7 characteristics.

Hypervisor

Software that supports running multiple virtual systems on physical hardware; Type 1 runs on bare metal, while Type 2 runs on a host OS.

Cloud Service Models

Infrastructure as a Service (IaaS) provides OS-level access; Platform as a Service (PaaS) manages the OS for application developers; Software as a Service (SaaS) manages everything up to the data.

SNMP (Simple Network Management Protocol)

A protocol where a Manager collects information from an Agent; versions include SNMPv1 (plain text), SNMPv2c (bulk retrieval), and SNMPv3 (encryption/authentication).

AAA

Authentication (verifying identity), Authorization (specifying permissions), and Accounting (tracking user actions).

SSH (Secure Shell)

A protocol providing encrypted command-line access to devices, typically via VTY lines on port $22$.

CAPWAP

Control And Provisioning of Wireless Access Points; a protocol used by WLCs to manage Lightweight Access Points using UDP ports $5246$ and $5247$.

REST (Representational State Transfer)

An API architecture guideline that uses HTTP methods and supports multiple data formats like JSON and XML.

SDN (Software Defined Networking)

A network model where a controller manages the control plane; includes pure SDN (controller-only control) and hybrid SDN (distributed control).

NAT (Network Address Translation)

A mechanism used to map private IP addresses to public ones; variations include Static NAT, Dynamic NAT, and PAT (Overload).

Distance Vector Protocol

A routing protocol type (e.g., RIP) often described as 'Routing by rumour' that uses metrics like hop count.

Link State Protocol

A routing protocol type (e.g., OSPF) where routers build a complete topology database and use Link State Advertisements (LSA).

Administrative Distance

A measure of how trusted a routing protocol is, used to select between different routing protocols for the same destination.

EtherChannel

A technology grouping multiple physical interfaces into a single logical interface for increased bandwidth and redundancy; uses LACP or PAgP.

ACL (Access Control List)

A set of permit or deny rules; Standard ACLs check source addresses, while Extended ACLs check protocol, source, destination, and ports.

DHCP Snooping

An access layer security mechanism that prevents rogue DHCP servers by allowing server traffic only on trusted ports.

802.1x

A port-based authentication protocol involving a Supplicant (PC), Authenticator (Switch), and Authentication Server (AAA).

HSRP (Hot Standby Router Protocol)

A Cisco proprietary FHRP deployed in active/standby pairs to provide automated gateway failover using a Virtual IP.

VTP (VLAN Trunking Protocol)

A Cisco protocol used to synchronize VLAN databases across switches in a domain; modes include Server, Client, and Transparent.

Spanning Tree Protocol (STP)

A Layer 2 protocol that prevents loops by detecting them and blocking redundant ports; uses Bridge IDs and BPDUs.

Router on a Stick (RoaS)

An Inter-VLAN routing method using a single physical Ethernet cable and virtual sub-interfaces for each VLAN.

Deep Learning

A type of Machine Learning based on a Neural Network with at least two hidden layers.

Generative AI

AI that utilizes patterns learned from past data to create new outputs such as text, images, or audio.

Retrieval-Augmented Generation (RAG)

A process that enhances LLM accuracy by looking up external databases using an Embedding Model and Vector Database.